Wow, a user actually using a BCM as more then a phone system! cool, I thought this was a myth! Guess there is some truth to the "convergence" argument after all.
I believe you can go this from "Policy Management" - "IP Firewall filters".
Create an Outbound Filter rule and you should be able to restrict access to a destination port range (HTTP).
However it is by IP, so if you are using DHCP, then you will need to make a reservation for the PC to ensure it always gets the same IP address.
This is assuming the BCM is the gateway for the client PC.
I've only played with this, haven't done it. I gave up long ago on using the BCM for anything more then a Nortel Phone system.
Good Luck and forgive my cynicism.